Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Add a note about APIs in token authenticatable, closes #1959

  • Loading branch information...
commit 1da8490dbc4341e42bc33774361da0d8972b23ba 1 parent 6e79c5c
José Valim josevalim authored
Showing with 13 additions and 1 deletion.
  1. +1 −1  CHANGELOG.rdoc
  2. +12 −0 lib/devise/models/token_authenticatable.rb
2  CHANGELOG.rdoc
View
@@ -1,6 +1,6 @@
* enhancement
* Default minimum password length is now 8 (by @carlosgaldino).
- * Confirmable now has a confirm_within option to set a period when the confirmation token is still valid (by @promisedlandt)
+ * Confirmable now has a confirm_within option to set a period while the confirmation token is still valid (by @promisedlandt)
* bug fix
* Fix a regression introduced on warden 1.2.1 (by @ejfinneran)
12 lib/devise/models/token_authenticatable.rb
View
@@ -18,6 +18,18 @@ module Models
# If you want to delete the token after it is used, you can do so in the
# after_token_authentication callback.
#
+ # == APIs
+ #
+ # If you are using token authentication with APIs and using trackable. Every
+ # request will be considered as a new sign in (since there is no session in
+ # APIs). You can disable this by creating a before filter as follow:
+ #
+ # before_filter :skip_trackable
+ #
+ # def skip_trackable
+ # request.env['devise.skip_trackable'] = true
+ # end
+ #
# == Options
#
# TokenAuthenticatable adds the following options to devise_for:
Please sign in to comment.
Something went wrong with that request. Please try again.